Signature-generation method, signature-verification method, public-key distribution method, and information-processing apparatus

US 20060075246A1
Filed: 09/29/2005
Published: 04/06/2006
Est. Priority Date: 10/05/2004
Status: Active Grant

First Claim

Patent Images

1. A signature-generation method comprising:

a transmission step of transmitting a message to be signed;

an addition step of adding a padding-data item to the message;

a generation step of generating a signature-data item of the message to which the padding-data item is added by using at least one hash function and at least one public-key cryptosystem;

performing the addition step and the generation step a predetermined number of times by using the signature-data item as the padding-data item; and

an external transmission step of transmitting the signature-data items that are generated by performing the generation step the predetermined number of times and the padding-data items that are added by performing the addition step the predetermined number of times with the message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

To generate and verify signature data using a known signature algorithm whose safety is ensured from the viewpoint of calculation quantity and ensuring the authenticity thereof over a long time period. A message to be signed is transmitted, a padding-data item is added to the message, and a signature-data item of the message with the padding-data item added thereto is generated by using a hash function and a public-key cryptosystem. The addition step and the generation step are performed a predetermined number of times by using the signature-data item, as the padding-data item, and the signature-data items generated the predetermined number of times and the padding-data items added the predetermined number of times are externally transmitted with the message.

33 Citations

View as Search Results

20 Claims

1. A signature-generation method comprising:
- a transmission step of transmitting a message to be signed;
  
  an addition step of adding a padding-data item to the message;
  
  a generation step of generating a signature-data item of the message to which the padding-data item is added by using at least one hash function and at least one public-key cryptosystem;
  
  performing the addition step and the generation step a predetermined number of times by using the signature-data item as the padding-data item; and
  
  an external transmission step of transmitting the signature-data items that are generated by performing the generation step the predetermined number of times and the padding-data items that are added by performing the addition step the predetermined number of times with the message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A signature-generation method according to claim 1, wherein where the addition step and the generation step are performed the predetermined number of times, algorithms used for the hash function vary every time the addition step and the generation step are performed.
  - 3. A signature-generation method according to claim 1, wherein where the addition step and the generation step are performed the predetermined number of times, algorithms used for the public-key cryptosystem vary every time the addition step and the generation step are performed.
  - 4. A signature-generation method according to claim 1, wherein where the addition step and the generation step are performed the predetermined number of times, a key length used for the public-key cryptosystem decreases every time the addition step and the generation step are performed.
  - 5. A signature-generation method according to claim 1, wherein the message, the padding-data item, and the signature-data item are coupled to one another so that at least one public-key certificate is generated.
  - 6. A signature-generation method according to claim 5, wherein the public-key certificate includes at least one extension part in a format that is set based on ITU-U recommendation X.509 v.3 and wherein the padding-data item is stored in the extension part.
  - 7. A program configured to making a computer perform the signature-generation method according to claim 1.
  - 8. A computer-readable recording medium configured to store the program according to claim 7.

9. A signature-verification method comprising:
- a transmission step of transmitting a message to be signed, a signature-data item, and a padding-data item;
  
  an addition step of adding the padding-data item to the message;
  
  a signature-verification-performing step of performing signature verification, so as to verify the message to which the padding-data item is added by using at least one hash function and the signature-data item; and
  
  an external transmission step of transmitting a result of the signature verification.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. A signature-verification method according to claim 9, wherein at the transmission step, a plurality of the padding-data items used for performing the signature verification is transmitted and the addition step and the signature-verification-performing step are repeated a predetermined number of times.
  - 11. A signature-verification method according to claim 10, wherein, at the step of repeating the addition step and the signature-verification-performing step the predetermined number of times, algorithms used for the hash function vary every time the addition step and the signature-verification-performing step are performed.
  - 12. A signature-verification method according to claim 10, wherein, at the step of repeating the addition step and the signature-verification-performing step the predetermined number of times, algorithms used for the signature verification vary every time the signature-verification-performing step is performed.
  - 13. A signature-verification method according to claim 10, wherein, at the step of performing the addition step and the signature-verification-performing step the predetermined number of times, a key length used for the signature verification decreases every time the signature-verification-performing step is performed.
  - 14. A signature-verification method according to claim 9, wherein the message, the padding-data item, and the signature-data item are coupled to one another so that at least one public-key certificate is generated.
  - 15. A signature-verification method according to claim 9, wherein the public-key certificate includes at least one extension part in a format that is set based on ITU-U recommendation X.509 v.3 and wherein the padding-data item is stored in the extension part.
  - 16. A program configured to make a computer perform the signature-verification method according to claim 9.
  - 17. A computer-readable recording medium configured to store the program according to claim 16.

18. A public-key distribution method adapted to release a first public key and a first padding-data item that are required for performing verification, a second public key different from the first public key, and a second padding-data item required for performing the verification.

19. An information-processing apparatus comprising:
- an input unit configured to transmit a message to be signed;
  
  an addition unit configured to add a padding-data item to the message;
  
  a generation unit configured to generate a signature-data item of the message to which the padding-data item is added by using at least one hash function and at least one public-key cryptosystem;
  
  a control unit configured to control the addition unit and the generation unit so that adding the padding-data item to the message and generating a signature-data item of the message are performed a predetermined number of times by using the signature-data item as the padding-data item; and
  
  an external-transmission unit configured to transmit the signature-data items that are generated by generating the signature-data item of the message the predetermined number of times and the padding-data items that are added by adding the padding-data item the predetermined number of times with the message.

20. An information-processing apparatus comprising:
- an input unit configured to transmit a message to be signed, a signature-data item, and a padding-data item;
  
  an addition unit configured to add the padding-data item to the message;
  
  a signature-verification unit configured to perform signature verification, so as to verify the message to which the padding-data item is added by using at least one hash function and the signature-data item; and
  
  an external-transmission unit configured to transmit a result of the signature verification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Original Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Inventors
Suga, Yuji

Granted Patent

US 7,685,429 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 2209/20 Manipulating the length of ...

H04L 9/3247 involving digital signatures

Signature-generation method, signature-verification method, public-key distribution method, and information-processing apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

33 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Signature-generation method, signature-verification method, public-key distribution method, and information-processing apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links